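Техническая информация

Ниже перечислены наблюдаемые признаки активности образца; заголовки разделов в этой копии страницы не сохранились. Судя по содержимому записей, это по порядку: автозапуск через ключ Run, запускаемые процессы (в том числе taskkill.exe для firefox.exe и chrome.exe), изменение параметров прокси в реестре, файлы, с которыми работает образец, сетевая активность и, по-видимому, поиск окон по имени класса.

Значения ProxyEnable и ProxyServer направляют HTTP- и HTTPS-трафик пользователя на локальный адрес 127.0.0.1:8877. Вместе с файлом FiddlerCore.dll и записью 'localhost':8877 это позволяет предположить перехват веб-трафика локальным прокси. При проверке узла стоит сверить эти параметры реестра, запись 'autoauto' в ключе Run и файл user.js в профиле Firefox. Символы '#' в именах узлов и в параметрах запроса, вероятно, скрывают часть значения.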
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'autoauto' = '54929163.bat'
- 'C:\a\internetport3.exe'
- '<SYSTEM32>\taskkill.exe' /im firefox.exe
- '<SYSTEM32>\taskkill.exe' /im chrome.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyOverride' = '<-loopback>'
- [<HKLM>\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings] 'ProxyEnable' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyEnable' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyServer' = 'http=127.0.0.1:8877;https=127.0.0.1:8877;'
- C:\a\FiddlerCore.dll
- %TEMP%\nse2.tmp\ZipDLL.dll
- C:\a\internetport3.exe
- C:\a\ver.ini
- %TEMP%\nse2.tmp\inetc.dll
- <SYSTEM32>\54929163.bat
- %TEMP%\nse2.tmp\System.dll
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
- %TEMP%\nse2.tmp\AccessControl.dll
- C:\a\45335191.bat
- C:\a\10124356.zip
- 'wp#d':80
- 'localhost':8877
- 'do###.dotdo.net':80
- wp#d/wpad.dat
- do###.dotdo.net/act/ver7.ini?v=######
- DNS ASK wp#d
- DNS ASK do###.dotdo.net
- ClassName: '#32770' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Chrome_WidgetWin_0' WindowName: ''